IT Security News Daily Summary 2025-04-15

210 posts were published in the last hour

21:32 : Sam Altman at TED 2025: Inside the most uncomfortable — and important — AI interview of the year
21:32 : MITRE CVE Program in Jeopardy
21:32 : How Safe Are Your Non-Human Identities?
21:32 : How to Feel Reassured with Cloud Data Security
21:5 : Neue Nachricht von Whatsapp? Warum der Messenger jetzt mit euch direkt chattet
21:5 : Support-Aus von Windows-10: Darum empfiehlt das BSI schon jetzt den Umstieg auf ein anderes System
21:4 : Operation BULUT: Encrypted Chats from Sky ECC, ANOM Lead to 232 Arrests
21:4 : Gartner’s 12 Emerging Tech Disruptors & Why ‘Technology Leaders Must Take Action Now’
21:3 : For security, Android phones will now auto-reboot after three days
21:3 : Microsoft 365 Outage – Admins are Unable to Access the Microsoft 365 Admin Center
21:3 : MITRE’s Support for CVE Program Set to Expire! – Internal Letter Leaked Online
21:3 : Publisher’s Spotlight: Industrial Defender
21:3 : Now 1.6M people had SSNs, life chapter and verse stolen from insurance IT biz
21:3 : MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty
21:3 : BSidesLV24 – Breaking Ground – Insights On Using A Cloud Telescope To Observe Internet-Wide Botnet Propagation Activity
20:32 : Attacks on the education sector are surging: How can cyber-defenders respond?
20:5 : IT Security News Hourly Summary 2025-04-15 21h : 8 posts
20:3 : Fake PDFCandy File Converter Websites Spread Malware
20:2 : 4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak
20:2 : The Hidden Risks in AI Training Data—And How to Eliminate Them
19:33 : Securing Parquet Files: Vulnerabilities, Mitigations, and Validation
19:33 : Ransomware trends, statistics and facts in 2025
19:33 : How to ensure OT secure remote access and prevent attacks
19:33 : CISA Faces Massive Cuts, Sparking Security Fears and Political Blowback
19:33 : Suspected 4chan Hack Could Expose Longtime, Anonymous Admins
19:33 : Virtue AI Attracts $30M Investment to Address Critical AI Deployment Risks
19:3 : EFF Urges Court to Avoid Fair Use Shortcuts in Kadrey v. Meta Platforms
19:3 : 4chan, the ‘internet’s litter box,’ appears to have been pillaged by rival forum
19:3 : How to support OpenID AuthZEN requests with Amazon Verified Permissions
18:33 : How and Why Threat Hunting Teams Investigate Linux Malware Attacks
18:32 : Data Poisoning: The Next Evolution of Ransomware That No One is Ready For
18:32 : Why 78% of Security Leaders Are Rethinking Their Entire Cyber Strategy in 2025
18:32 : China names alleged US snoops over Asian Winter Games attacks
18:32 : AI-Powered Tools Now Facing Higher Risk of Cyberattacks
18:3 : All right, you can have one: DOGE access to Treasury IT OK’d judge
18:3 : Threat actors misuse Node.js to deliver malware and other malicious payloads
17:32 : Fake PDFCandy Websites Spread Malware via Google Ads
17:32 : How to Conduct a Successful Privileged Access Management Audit
17:32 : PIM vs PAM vs IAM. Definitions and Roles in the Cybersecurity Strategy
17:5 : IT Security News Hourly Summary 2025-04-15 18h : 9 posts
17:4 : ePA für alle startet: BSI hält elektronische Patientenakte für sicher genug
17:3 : Claude just gained superpowers: Anthropic’s AI can now search your entire Google Workspace without you
17:3 : UK’s Cyber Crime Down in 2024: Better ‘Cyber Hygiene Among Small Businesses
17:3 : Notorious image board 4chan hacked and internal data leaked
17:3 : Spotting Phishing Attacks with Image Verification Techniques
17:3 : New PasivRobber Malware Steals Data From macOS Systems and Applications
17:3 : Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers
17:3 : Fake Microsoft Office Add-Ins Targeting Crypto Transactions
16:33 : RSA Conference 2025
16:33 : ABB M2M Gateway
16:33 : Mitsubishi Electric Europe B.V. smartRTU
16:33 : Delta Electronics COMMGR
16:33 : Growatt Cloud Applications
16:33 : Lantronix Xport
16:33 : Slopsquatting
16:33 : MITRE Impact Report 2024: Strengthening Threat-Informed Defenses
16:33 : Privacy on the Map: How States Are Fighting Location Surveillance
16:32 : Transforming security with Microsoft Security Exposure Management initiatives
16:3 : Your Android phone is getting a new security secret weapon – how it works
16:3 : Hackers Exploiting EC2 Instance Metadata Vulnerability to Attacks Websites Hosted
16:3 : Microsoft Disables ActiveX by Default in 365 to Block Malware Execution by Hackers
16:3 : Malicious JScript Loader Jailbreaked to Uncover Xworm Payload Execution Flow
16:3 : Microsoft Asks Windows 11 Users Not to Delete Mysterious “inetpub” Folder
16:3 : Public Support Emerges for Chris Krebs, SentinelOne After Trump Memo
15:33 : Sicherheitspatches: Google beendet Unterstützung von Android 12
15:32 : DOGE Big Balls Ransomware turns into a big cyber threat
15:32 : Hertz data breach caused by CL0P ransomware attack on vendor
15:3 : Why Securing Prompts Will Never Be Enough: The GitHub Copilot Case
15:3 : Kidney Dialysis Services Provider DaVita Hit by Ransomware
15:3 : Trump vs. Biden Cyber Strategy — According to AI
14:35 : Dank KI: So sollen alte Pixel-Smartphones Forschern helfen, mit Delfinen zu kommunizieren
14:35 : Trotz Fokus auf Datenschutz: So soll Apple Intelligence besser werden
14:35 : Gefährlicher als Social Media: Warum KI-Freunde süchtiger machen
14:35 : Pokémon: Wird ein Spieleklassiker zum neuen Benchmark-Test für KI-Modelle?
14:35 : KI-Jailbreak mit Hilfe: So unterstützt ChatGPT Nutzer dabei, die eigenen Regeln zu brechen
14:35 : Google: Sicherheits-Neustart für Android-Smartphones
14:34 : UK Software Firm Exposed 1.1TB of Healthcare Worker Records
14:33 : Critical Apache Roller flaw allows to retain unauthorized access even after a password change
14:33 : Chinese snoops use stealth RAT to backdoor US orgs – still active last week
14:33 : Conduent Says Names, Social Security Numbers Stolen in Cyberattack
14:33 : Building Smarter AI Through Targeted Training
14:33 : WhatsApp Windows Vulnerability CVE-2025-30401 Could Let Hackers Deliver Malware via Fake Images
14:33 : Hertz data breach: Customers in US, EU, UK, Australia and Canada affected
14:33 : Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
14:33 : Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
14:33 : North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers
14:5 : IT Security News Hourly Summary 2025-04-15 15h : 13 posts
14:3 : What Are the Benefits of a Microservices Architecture?
14:3 : How to Blur Your House on Google Maps and Why You Should Do It [6 Easy Steps]
14:3 : Check Point and Fuse to Deliver First Real-Time Blockchain Firewall
14:3 : Unmasking APT29: The Sophisticated Phishing Campaign Targeting European Diplomacy
14:3 : PlexTrac for CTEM helps security teams centralize security data
13:35 : Vorsicht: Verblitzte Augen durch Schweißarbeiten
13:34 : Microsoft Teams File Sharing Unavailable Due to Unexpected Outage
13:34 : Meta will use public EU user data to train its AI models
13:34 : Prophylactic Cybersecurity for Healthcare
13:34 : GitGuardian Launches NHI Governance to Secure Non-Human Identities and Their Secrets for Enterprises
13:34 : DataDome platform enhancements put businesses in control of AI agents
13:6 : Polizeiliche Datenanalyse: Mehrere Bundesländer gegen Einsatz von Palantir-Software
13:5 : Unified Endpoint Management: One Tool to Rule All
13:5 : Newly Purchased Android Phones With Pre-installed Malware Mimic as WhatsApp
13:5 : ChatGPT’s Image Generator Leveraged to Create Fake Passport
13:5 : New Update – Your Android Device To Restart Automatically If You Kept Idle
13:5 : Microsoft Teams File Sharing Outage, Users Unable to Share Files
13:5 : Zyxel Networks upgrades USG FLEX H series firewalls
13:5 : ConnectSecure empowers MSPs to mitigate risks within their clients’ Google Workspace environments
12:36 : Lübecker IT-Unternehmen: Nach Medienbericht weitere Datenlecks entdeckt
12:35 : New “Slopsquatting” Threat Emerges from AI-Generated Code Hallucinations
12:35 : PasivRobber Malware Emerges, Targeting macOS to Steal Data From Systems and Apps
12:35 : From ISO to NIS2 – Mapping Compliance Requirements Globally
12:35 : New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures
12:35 : Security Awareness Metrics That Matter to the CISO
12:35 : Cloud Misconfigurations – A Leading Cause of Data Breaches
12:35 : Bridewell research finds UK Financial Services under pressure from cyber security challenges and mounting regulatory requirements
12:35 : MIWIC25: Sochima Okoye, Cybersecurity Consultant at CSA Cyber
12:35 : ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?
12:35 : Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
12:5 : Nach Bericht: Weitere Datenlecks bei Lübecker IT-Unternehmen gefunden
12:5 : [UPDATE] [mittel] Golang Go: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
12:5 : Jailbreaking Malicious JScript Loader Reveals Xworm Payload Execution Chain
12:4 : Cybercriminals Exploit Search Results to Steal Credit Card Information
12:4 : How to Conduct a Cloud Security Assessment
11:38 : [UPDATE] [mittel] Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff
11:38 : [UPDATE] [hoch] HPE HP-UX: Schwachstelle ermöglicht Codeausführung
11:38 : [UPDATE] [hoch] Linux Kernel: Mehrere Schwachstellen
11:37 : Paragon Hard Disk Manager Flaw Enables Privilege Escalation and DoS Attacks
11:37 : Where it Hertz: Customer data driven off in Cleo attacks
11:37 : Insider Threats Surge as Hybrid Workforces Expand – What CISOs Need to Know
11:37 : New Stealthy Malware ‘Waiting Thread Hijacking’ Technique Bypasses Modern Defenses
11:37 : NSFOCUS WAF New UI Showcase: Brand New Policy and Template Management Workflow
11:37 : Anomaly Detection at Scale: Machine Learning Approaches for Enterprise Data Monitoring
11:37 : Compliance Now Biggest Cyber Challenge for UK Financial Services
11:5 : IT Security News Hourly Summary 2025-04-15 12h : 20 posts
11:4 : Unerwarteter Wiedergänger: Windows-10-Update schlägt mit Code 0x80070643 fehl
11:4 : Stromversorgung: USV-Panne beschert Google Cloud mehrstündigen Ausfall
11:3 : ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains
11:3 : Hertz Data Breach Exposes Customer Personal Information to Hackers
11:3 : Best Practices for Transitioning from Security to Privacy
11:3 : How to Create an End-to-End Privileged Access Management Lifecycle
11:3 : China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games
11:3 : Critical flaws fixed in Nagios Log Server
10:34 : [NEU] [niedrig] SolarWinds Serv-U: Schwachstelle ermöglicht Cross-Site Scripting
10:34 : [NEU] [mittel] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
10:33 : [UPDATE] [niedrig] Mattermost Mobile: Schwachstelle ermöglicht Offenlegung von Daten
10:33 : OpenAI Releases GPT-4.1 With Improved Coding
10:33 : Apple ‘Developing’ Two Vision Pro Headset Successors
10:33 : Hertz Data Breach – Customer Personal Information Stolen by Hackers
10:32 : Securing Critical Infrastructure – Lessons From Recent Cyber Attacks
10:32 : Hertz Discloses Data Breach Linked to Cleo Hack
10:32 : Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
10:32 : Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities
10:32 : Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI
10:5 : 14.000 Fortinet-Firewalls kompromitiert: Angreifer nisten sich ein
10:5 : Slopsquatting: Von KI erfundene Paketnamen gefährden Systeme
10:4 : Year in Review: The biggest trends in ransomware
10:4 : CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe
9:37 : Für Reisen in die USA: EU stattet Angestellte angeblich mit Wegwerfhandys aus
9:37 : Windows Server 2025: Domain-Controller sind nach Neustart nicht mehr erreichbar
9:36 : [NEU] [UNGEPATCHT] [mittel] MIT Kerberos: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
9:36 : [UPDATE] [mittel] Mattermost Server: Mehrere Schwachstellen
9:35 : The Future of Authentication: Moving Beyond Passwords
9:35 : Google Groups File Attachment Restrictions Bypassed via Email Posting
9:35 : Why Every CISO Needs a Crisis Communications Plan in 2025
9:35 : Apache Roller Vulnerability Let Attackers Gain Unauthorized Access
9:35 : Why Security Leaders Are Turning to AI for Threat Detection
9:35 : 100,000+ Installed WordPress Plugin Critical Vulnerability Exploited Within 4 Hours of Disclosure
9:35 : The Great Security Tool Consolidation: How Enterprises are Rethinking Their Security Strategy
9:35 : LabHost Phishing Mastermind Sentenced to 8.5 Years
9:6 : Datensicherheit auf US-Reisen: EU gibt Angestellten angeblich Wegwerfhandys
9:6 : Silicon Valley: Gehackte Ampeln geben KI-Stimmen von Musk und “The Zuck” aus
9:6 : Podcast Besser Wissen: Auf Schatzsuche in der Kryptografie
9:5 : Meta Begins Using EU Users’ Data To Train AI
9:5 : Blue Origin Sends All-Female Crew Into Space
9:5 : Surfshark is our pick for best value VPN, and you can save up to 87% on plans right now
8:38 : Meta AI soll in Europa künftig mit euren Postings trainiert werden: Das müsst ihr dazu wissen
8:38 : OpenAI stellt GPT-4.1 vor: Was die neuen KI-Modelle können und wann sie ihre Vorgänger ablösen
8:37 : Intel Sells Majority Stake In Altera To Silver Lake
8:37 : Apple Leads Smartphone Market In First Quarter
8:37 : Over 100,000 WordPress Plugin Vulnerability Exploited Just 4 Hours After Disclosure
8:37 : CentreStack 0-Day Exploit Enables Remote Code Execution on Web Servers
8:37 : Hertz disclosed a data breach following 2024 Cleo zero-day attack
8:37 : The Hidden Cost of Backup Recovery in Ransomware Events
8:7 : Tax Season’s Silent Threat: The Importance of Securing the Software Supply Chain
8:7 : Over 100,000 WordPress Plugin VUlnerability Exploited Just 4 Hours After Disclosure
8:7 : Cookie pop-ups don’t have to be a fact of life online – how I block them and why
8:7 : EU gives staff ‘burner phones, laptops’ for US visits
8:5 : IT Security News Hourly Summary 2025-04-15 09h : 5 posts
7:34 : BESS-Brände rechtzeitig verhindern
7:34 : openCode soll Software-Abhängigkeit bei digitalen Infrastrukturen lösen
7:33 : Windows 10 Supportende: BSI rät zum Wechsel des Betriebssystems
7:33 : FTC Argues Meta Must Sell Instagram, WhatsApp
7:32 : Gladinet flaw CVE-2025-30406 actively exploited in the wild
7:32 : macOS Users Beware! Hackers Allegedly Offering Full System Control Malwares for Rent
7:32 : Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations
7:32 : Seemplicity adds AI-driven capabilities to scale remediation operations
7:32 : Slopsquatting risks, Morocco leak, EC ups US-based staff security
7:5 : BSI und ZenDiS: Mehr Sicherheit für digitale Infrastrukturen mit openCode
7:5 : Apache Roller Vulnerability Allows Hackers to Bypass Access Controls
7:5 : Hackers Use Microsoft Teams Chats to Deliver Malware to Windows PCs
6:38 : Online Services Again Abused to Exfiltrate Data, (Tue, Apr 15th)
6:38 : China accuses NSA for launching advanced Cyber Attacks on its infrastructure
6:38 : Why Shutting Down Systems After a Cyberattack is Not Recommended
6:38 : Why shorter SSL/TLS certificate lifespans matter
6:2 : Cybercriminal groups embrace corporate structures to scale, sustain operations
5:34 : Galaxy S24 Vulnerability Poses Risk of Unauthorized File Access
5:34 : Third-Party Risk Management – How to Build a Strong TPRM Program
5:34 : 94% of firms say pentesting is essential, but few are doing it right
5:34 : Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval
5:34 : Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
5:9 : The Growing Threat of Zero-Click Spyware: Why Organizations Must Rethink Smartphone Security

Post navigation